Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/YkDO4VY326alPeMc144EFpzEF_g.roa
File: YkDO4VY326alPeMc144EFpzEF_g.roa (raw, json)
Hash identifier: VrhrRQcNNswVX3V3TCkzS+Bf6K+WCyRfnmqzCenS0tk=
Subject key identifier: 62:40:CE:E1:56:37:DB:A6:A5:3D:E3:1C:D7:8E:04:16:9C:C4:17:F8
Certificate issuer: /CN=20f0c4ad1c4b0c536ed18723c8a95a348d28bf65
Certificate serial: 018CEA3AF2A2D8CC3D19108CEB90B3D5798F
Authority key identifier: 20:F0:C4:AD:1C:4B:0C:53:6E:D1:87:23:C8:A9:5A:34:8D:28:BF:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPDErRxLDFNu0YcjyKlaNI0ov2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/YkDO4VY326alPeMc144EFpzEF_g.roa
Signing time: Mon 08 Jan 2024 17:59:40 +0000
ROA not before: Mon 08 Jan 2024 17:59:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59689
IP address blocks: 185.3.128.0/22 maxlen: 22
2a02:5cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ea:3a:f2:a2:d8:cc:3d:19:10:8c:eb:90:b3:d5:79:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f0c4ad1c4b0c536ed18723c8a95a348d28bf65
Validity
Not Before: Jan 8 17:59:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6240cee15637dba6a53de31cd78e04169cc417f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:84:8b:d3:9c:15:8e:1a:40:fd:a9:ac:12:c2:
08:9c:51:a5:27:e9:15:bb:fc:64:cc:f5:bb:36:6f:
12:bd:72:a6:ad:c6:88:56:67:1c:e3:1d:e4:13:94:
e4:50:81:31:0f:90:9c:ec:29:95:6e:49:66:14:50:
2e:98:56:ab:88:c6:26:bb:a6:85:bf:6c:1b:cb:59:
21:44:01:83:89:ed:9d:61:28:8a:73:de:3e:25:b4:
eb:84:97:91:0e:6a:42:dc:3f:c0:0e:1d:8d:f2:e6:
e5:f5:46:b2:b9:ca:51:75:bd:33:af:5f:77:3b:c8:
bb:d0:b0:20:85:84:4e:57:01:32:33:8f:c5:25:a5:
25:b3:de:05:12:29:59:1e:37:46:ca:1f:15:59:98:
47:03:db:96:25:f7:dc:41:a9:be:cb:a9:ef:0d:44:
95:d7:c2:4d:bb:8f:1c:05:16:f8:b3:28:06:24:d2:
09:a9:b2:e2:c1:41:da:96:f9:e6:cf:f6:00:22:ae:
c4:68:b7:6a:d4:29:4e:c5:14:f8:af:51:2b:34:4a:
94:b9:f1:c2:a2:c2:3a:a6:d1:c0:2e:7c:62:79:76:
f8:44:d8:5c:43:09:c5:74:f7:0c:a1:b2:06:a3:30:
f5:ad:44:1c:f5:c0:24:6d:46:4e:85:92:e0:45:1a:
e7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:40:CE:E1:56:37:DB:A6:A5:3D:E3:1C:D7:8E:04:16:9C:C4:17:F8
X509v3 Authority Key Identifier:
keyid:20:F0:C4:AD:1C:4B:0C:53:6E:D1:87:23:C8:A9:5A:34:8D:28:BF:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPDErRxLDFNu0YcjyKlaNI0ov2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/YkDO4VY326alPeMc144EFpzEF_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/5caab7-0eb0-429f-a7b0-e7d4551c19ab/1/IPDErRxLDFNu0YcjyKlaNI0ov2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.3.128.0/22
IPv6:
2a02:5cc0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:4a:e1:37:e0:be:be:ac:61:e9:aa:aa:5d:65:06:68:94:7c:
56:2d:84:0b:0b:2b:62:04:fa:ef:d5:40:bf:9a:8c:54:fa:7e:
43:3f:e9:31:0e:8b:f7:69:07:9f:26:20:92:cc:8a:ca:ba:b0:
27:3c:9c:e2:22:8c:bd:6b:46:33:c3:d2:24:af:30:bf:32:7e:
74:e8:2a:a7:a7:7c:d9:98:7c:44:8b:77:21:ce:3f:c8:5f:9f:
d6:f6:95:51:32:86:be:82:94:ad:cd:9d:cb:8a:f4:89:33:fe:
31:8b:ac:db:3c:8a:a1:48:46:81:fb:86:28:41:2c:ee:96:ec:
47:a4:31:4c:99:4d:bf:eb:2e:e5:8a:b8:75:7d:11:b6:a6:2e:
ab:03:cd:0c:f1:5d:96:d8:e8:c7:66:a3:42:48:73:1b:fe:fb:
06:c4:6f:8d:c6:0d:7c:14:f5:84:b7:a2:38:92:74:ae:5f:19:
07:3c:bf:ef:05:d3:be:21:0f:f2:ba:87:68:2c:7f:8d:11:78:
63:d6:9a:c7:69:61:bf:d1:cd:aa:3e:60:14:c6:90:b3:01:57:
f7:f5:29:4d:a0:cf:df:33:b7:38:f5:9f:27:b5:85:bf:b5:74:
b6:ef:0d:e5:80:34:77:d0:11:af:26:88:f3:fe:f2:0c:67:ae:
92:44:91:e6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzqOvKi2Mw9GRCM65Cz1XmPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjBjNGFkMWM0YjBjNTM2ZWQxODcyM2M4YTk1YTM0OGQy
OGJmNjUwHhcNMjQwMTA4MTc1OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjQwY2VlMTU2MzdkYmE2YTUzZGUzMWNkNzhlMDQxNjljYzQxN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYSL05wVjhpA/amsEsIInFGlJ+kV
u/xkzPW7Nm8SvXKmrcaIVmcc4x3kE5TkUIExD5Cc7CmVbklmFFAumFariMYmu6aF
v2wby1khRAGDie2dYSiKc94+JbTrhJeRDmpC3D/ADh2N8ubl9UayucpRdb0zr193
O8i70LAghYROVwEyM4/FJaUls94FEilZHjdGyh8VWZhHA9uWJffcQam+y6nvDUSV
18JNu48cBRb4sygGJNIJqbLiwUHalvnmz/YAIq7EaLdq1ClOxRT4r1ErNEqUufHC
osI6ptHALnxieXb4RNhcQwnFdPcMobIGozD1rUQc9cAkbUZOhZLgRRrnUwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGJAzuFWN9umpT3jHNeOBBacxBf4MB8GA1UdIwQY
MBaAFCDwxK0cSwxTbtGHI8ipWjSNKL9lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBERXJSeExERk51MFljanlLbGFOSTBvdjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81Y2FhYjctMGViMC00MjlmLWE3YjAt
ZTdkNDU1MWMxOWFiLzEvWWtETzRWWTMyNmFsUGVNYzE0NEVGcHpFRl9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81Y2FhYjctMGViMC00MjlmLWE3YjAtZTdkNDU1MWMxOWFi
LzEvSVBERXJSeExERk51MFljanlLbGFOSTBvdjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQOAMA0E
AgACMAcDBQAqAlzAMA0GCSqGSIb3DQEBCwUAA4IBAQCMSuE34L6+rGHpqqpdZQZo
lHxWLYQLCytiBPrv1UC/moxU+n5DP+kxDov3aQefJiCSzIrKurAnPJziIoy9a0Yz
w9IkrzC/Mn506Cqnp3zZmHxEi3chzj/IX5/W9pVRMoa+gpStzZ3LivSJM/4xi6zb
PIqhSEaB+4YoQSzuluxHpDFMmU2/6y7lirh1fRG2pi6rA80M8V2W2OjHZqNCSHMb
/vsGxG+Nxg18FPWEt6I4knSuXxkHPL/vBdO+IQ/yuodoLH+NEXhj1prHaWG/0c2q
PmAUxpCzAVf39SlNoM/fM7c49Z8ntYW/tXS27w3lgDR30BGvJojz/vIMZ66SRJHm
-----END CERTIFICATE-----
Generated at Fri Oct 25 15:00:20 2024 by rpki-client on console-ams.rpki-client.org